Third and final part of our 'It’s inevitable: are you ready for a breach?', a 3-part series on state-of-the-art incident investigation techniques and breach response strategies.
Recovering from a large-scale incident is not an easy task. When compromised by an Advanced Persistent Threat, one must plan the efforts ahead of time to succeed in fully remediating and eradicating the attacker from the environment.
This presentation combines the elements of a holistic investigation covering up to tens of thousands of machines and it includes specific knowledge on:
- How to best remediate from such an event;
- The different stages of the preparation, when it is the best time to remediate, and how to classify actions;
- Examples of real investigations and remediation efforts to illustrate common complications like remediating too early, remediating partially and working with third party IT providers

Second part of our 'It’s inevitable: are you ready for a breach?', a 3-part series on state-of-the-art incident investigation techniques and breach response strategies.

Mandiant responds to hundreds of breaches on a yearly basis, across all industries and geographies, coming across the full spectrum of threat actors, including nation states. Statistics show that the median dwell time (time between initial intrusion, and detection) for EMEA organizations in 2017 was 175 days. A 175 days roaming free inside the victim’s infrastructure. A large portion of which likely would have been with administrator privileges, thereby having the keys to the kingdom.
To be able to respond to such breaches effectively and efficiently Mandiant applies a structured approach, relying on its scalable technology platform, and threat intelligence collected over the last 14 years.

In this webinar, we discuss the Mandiant incident response approach, and why it matters to your organization if you are confronted with a serious compromise.

First part of our 'It’s inevitable: are you ready for a breach?', a 3-part series on state-of-the-art incident investigation techniques and breach response strategies.

Mandiant responds to hundreds of breaches on a yearly basis, across all industries and geographies, thereby gaining insights into the different threat actor groups out there, and their TTPs. But it also provides us with valuable insights into the how, and why of the failing defenses of the organizations we support in times of crisis.

In this webinar, we share our thoughts on what we experience on a daily basis while responding to the breaches that matter.

Cyber criminals have always been attracted to cryptocurrencies, which provide a certain level of anonymity and can be easily monetised. In recent years, criminals have gone beyond using cryptocurrencies as a payment method for illicit tools and services. Seeing their value and growing popularity, many actors are targeting cryptocurrency operations and exchanges with attacks such as malicious cryptocurrency mining, collection of cryptocurrency wallet credentials and extortion.

Join your host David Grout, Technical Director for Southern Europe, for a 45-minute webinar to discuss the latest cryptocurrency threats and trends.

FireEye announced the release of its annual M-Trends report which found that in 2017 attackers were present in EMEA organisations' networks a median of 175 days before being detected. This is an increase of almost 40 percent from the same measurement the year before which stood at 106 days.
The report is based on information gathered during investigations conducted by FireEye's security analysts in 2017 and uncovers emerging trends and tactics that threat actors used to compromise organisations.
For more information, join us in the upcoming webinar.

Every year consultants from Mandiant, a FireEye company, respond to a wide variety of cyber incidents by threat groups around the world. This experience is summarised in the annual M-Trends report, which explores changes in the cyber threat landscape.

During this webinar, our Vice President Stuart McKenzie will discuss:

- Longer-term trends in today's threat landscape
- Sophisticated and harmful APT groups to look out for
- Which organisations are most likely to be retargeted by attackers
- The difficulty of finding skilled personnel and how it affects the security function
- How weaknesses in security fundamentals contributed to successful compromises
- Best practice red teaming tactics for improved security defense

With data breaches on the rise, enterprises worldwide are looking to implement better technologies and processes for faster breach detection and response, as well as train all employees to be cyber aware.

Join this interactive Q&A panel to learn more about:
- Key factors for building a successful CISO strategy
- Why breach prevention matters
- True costs of breaches
- Technological solutions to consider for a more cyber resilient enterprise
- How AI/machine learning and human talent can work together
- Top threats to look out for in 2018

Cyber threats are growing faster than any other category of business risk, breaches are inevitable, and the areas put at risk when they happen are broad and deep: from a compromised system or supply chain to the financial implications of non-compliance and breach notification. You not only face compromised or lost data, but your brand will take a huge hit that it may not recover from. Add to that the legal risks resulting from regulatory fines and failure to keep customer commitments, and it adds up to a game-changing argument.

Business leaders need to understand the potential losses they face on multiple levels, acknowledge the changing risk and have a breach response plan in place, but most importantly they must escalate cyber risk at the highest organisational levels and bridge the gap between the fight on the frontlines and priorities in the boardroom.

Join us for an executive panel with our EMEA VP & regional leaders as they discuss insights on how the CISOs take the risk message to the board and how they bridge the gap by translating technical jargon into business language.

----------------------------
"Cyber security is a constant battle for every business, and one of the challenges is getting the Board of Directors to understand that enterprise-wide risk management is more than an IT problem. FireEye helps security teams and company executives bridge the gap between the fight on the frontlines and priorities in the boardroom."

- KEVIN MANDIA, CHIEF EXECUTIVE OFFICER, FIREEYE

"Cybersecurity is now a persistent business risk. The impact has extended to the C-suite and boardroom.
- PWC Global State of Info Security Survey, 2015

Most organizations have invested lots of money and resources into various security tools. The end result is an array of point products from different vendors that often don't work well together. FireEye Helix can help unify these existing investments while providing customers the ability to analyze and respond to alerts through a single centralized platform.
With Helix, you get FireEye's top of the line MVX detection capabilities paired with industry leading iSight intelligence. The result is high fidelity, contextual alerts, and the ability to shift from detection to remediation immediately-both on the network and on the endpoint. You will be able to resolve attacks quickly and effectively and minimize any impact. At the end, you will see a demo of how Helix identifies and responds to an alert.

Although GDPR is primarily a legal and compliance issue, a data breach is the point of failure that will highlight any deficiencies in an organization’s data protection and larger security posture.

GDPR Article 33 requires breaches to be reported within 72 hours of discovery. With just 72 hours after breach discovery to report the nature of the breach, number of records and subjects affected, and likely consequences, every hour matters, and visibility across the environment becomes a must.

With speed of response being critical, you need a trusted partner with the incident response expertise, threat intelligence and purpose-built technology to enable rapid initial notification, and to provide support with subsequent notifications once further data points are identified/obtained.

Join the conversation with Stuart McKenzie, Vice President Mandiant EMEA, to talk about :
· How FireEye can help you meet the GDPR 72-hour breach reporting requirement, should you be breached, and
· How FireEye can help reduce the risk and impact of a breach by securing sensitive and confidential data and improving breach response readiness—before, during, and after a cyber-attack.

Recent trends suggest a continued increase in popularity of ATM “jackpotting” operations leveraging various tactics, techniques and procedures (TTPs). While we have observed an increase in the use of ATM malware in underground communities since 2011, highly publicized events demonstrating the potential for lucrative profits from ATM jackpotting operations have undoubtedly sparked more interest in this attack vector. Join this webinar to learn about the marketplace dynamics enabling ATM jackpotting, common TTPs used by criminals, and what organizations can do to mitigate risk associated with these operations.

Aside from breaches, ransomware attacks, and insider threats, another large issue faced by the cyber security industry is diversity, or lack thereof.

Making the industry more appealing to women and then eventually retaining female talent are both challenges that are still affecting the cyber workforce.

Join this panel where we'll hear from experts who have made successful careers out of their time in the cyber security sector. They will discuss:

-How did they make their first break?
-Why does the industry have such a hard time retaining talent?
-What are some of their favourite parts about their job?
-Their advice to women in the industry
-Their advice to cyber security execs looking to create more diverse teams

Repeated high-profile breaches, disruptive attacks and global crime with indicators of sponsorship by North Korea demonstrate an increasing threat and underscore the necessity of tracking the activity of their hackers.

APT37 is less well-recognized than other threat actors sponsored by North Korea, but their increasing global activity and recent use of a zero-day exploit can no longer be ignored by network defenders.

FireEye has tracked APT37 since 2015 as TEMP.Reaper and shared details on its activities with our intelligence customers. Over time we have come to better understand APT37. On Thursday, February 28, join Ben Read, Senior Manager, Cyber Espionage at FireEye for our unique insights into APT37:

• A history of APT37 support for North Korean interests
• Details on the malware suite employed by APT37
• How APT37 has been influencing the world beyond the Korean peninsula

FireEye is the intelligence-led security company. Working as a seamless, scalable extension of customer security operations, FireEye offers a single platform that blends innovative security technologies, nation-state grade threat intelligence, and world-renowned Mandiant® consulting. With this approach, FireEye eliminates the complexity and burden of cyber security for organisations struggling to prepare for, prevent, and respond to cyber attacks. FireEye has over 6,000 customers across 67 countries, including more than 40 percent of the Forbes Global 2000.